PT-2026-7391

After Effects versions 25.6 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to crash the application, causing disruption to services. Exploitation of this issue requires user...

lrzip 代码问题漏洞

lrzip is a compression utility personally developed by Con Kolivas. Versions of lrzip prior to 0.651 contained code vulnerabilities, which stemmed from a null pointer dereferencing issue in the ucompthread function...

Security Updates for Microsoft Office Products (February 2026) (macOS)

The version of Microsoft Office for Mac installed on the remote host is affected by multiple vulnerabilities as referenced in the february-10-2026 advisory. - Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. CVE-2026-20952 - Untrusted pointer dereference...

VulnCheck KEV: CVE-2026-21525

Null pointer dereference in Windows Remote Access Connection Manager allows an unauthorized attacker to deny service locally...

Siemens SCALANCE and RUGGEDCOM NULL Pointer Dereference (CVE-2024-8006)

Remote packet capture support is disabled by default in libpcap. When a user builds libpcap with remote packet capture support enabled, one of the functions that become available is pcapfindalldevsex. One of the function arguments can be a filesystem path, which normally means a directory with...

2026.1 IPU, Intel® Chipset Firmware Advisory

Summary: Potential security vulnerabilities in some Intel® Converged Security and Management Engine Intel® CSME, some Intel® Active Management Technology Intel® AMT, and some Intel® Standard Manageability may allow denial of service or information disclosure. Intel is releasing firmware updates t...

Siemens S7-1500 NULL Pointer Dereference (CVE-2025-8224)

A vulnerability has been found in GNU Binutils 2.44 and classified as problematic. This vulnerability affects the function bfdelfgetstrsection of the file bfd/elf.c of the component BFD Library. The manipulation leads to null pointer dereference. Local access is required to approach this attack...

CVE-2026-23948

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, a NULL pointer dereference vulnerability in rdpwritelogoninfov2 allows a malicious RDP server to crash FreeRDP proxy by sending a specially crafted LogonInfoV2 PDU with cbDomain=0 or cbUserName=0. This vulnerability...

CVE-2026-23948

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, a NULL pointer dereference vulnerability in rdpwritelogoninfov2 allows a malicious RDP server to crash FreeRDP proxy by sending a specially crafted LogonInfoV2 PDU with cbDomain=0 or cbUserName=0. This vulnerability...

UBUNTU-CVE-2026-23948

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, a NULL pointer dereference vulnerability in rdpwritelogoninfov2 allows a malicious RDP server to crash FreeRDP proxy by sending a specially crafted LogonInfoV2 PDU with cbDomain=0 or cbUserName=0. This vulnerability...

CVE-2026-23948

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, a NULL pointer dereference vulnerability in rdpwritelogoninfov2 allows a malicious RDP server to crash FreeRDP proxy by sending a specially crafted LogonInfoV2 PDU with cbDomain=0 or cbUserName=0. This vulnerability...

CVE-2026-23948 FreeRDP has a NULL Pointer Dereference in rdp_write_logon_info_v2()

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, a NULL pointer dereference vulnerability in rdpwritelogoninfov2 allows a malicious RDP server to crash FreeRDP proxy by sending a specially crafted LogonInfoV2 PDU with cbDomain=0 or cbUserName=0. This vulnerability...

GnuTLS 安全漏洞

GnuTLS is an open-source, free security communication library developed by GnuTLS that enables the implementation of SSL, TLS, and DTLS protocols. There is a security vulnerability in gnutls. This vulnerability stems from the possibility of remote, unverified attackers sending specially crafted...

CVE-2026-1990

A security vulnerability has been detected in oatpp up to 1.3.1. This impacts the function oatpp::data::type::ObjectWrapper::ObjectWrapper of the file src/oatpp/data/type/Type.hpp. The manipulation leads to null pointer dereference. Local access is required to approach this attack. The exploit ha...

CVE-2026-2062

A vulnerability was identified in Open5GS up to 2.7.6. This affects the function sgwcs5chandlemodifybearerresponse/sgwcsxahandlesessionmodificationresponse of the component PGW S5U Address Handler. The manipulation leads to null pointer dereference. The attack can be initiated remotely. The explo...

CVE-2026-2062

A vulnerability was identified in Open5GS up to 2.7.6. This affects the function sgwcs5chandlemodifybearerresponse/sgwcsxahandlesessionmodificationresponse of the component PGW S5U Address Handler. The manipulation leads to null pointer dereference. The attack can be initiated remotely. The explo...

CVE-2026-2062

A vulnerability was identified in Open5GS up to 2.7.6. This affects the function sgwcs5chandlemodifybearerresponse/sgwcsxahandlesessionmodificationresponse of the component PGW S5U Address Handler. The manipulation leads to null pointer dereference. The attack can be initiated remotely. The explo...

GHSA-CR88-6MQM-4G57 Gogs has a Denial of Service issue

Summary An authenticated user can cause a DOS attack. If one of the repo files is deleted before synchronization, it will cause the application to crash. Details If GetMirrorByRepoID fails, the error log dereferencing null pointer. This happens if the repository no longer exits...

NULL Pointer Dereference

Overview Affected versions of this package are vulnerable to NULL Pointer Dereference via the uvcscanstreaming function in the UVC Descriptor Handler component. An attacker can cause a denial of service by triggering a null pointer dereference through local access. Remediation There is no fixed...

CVE-2026-1991

A vulnerability was detected in libuvc up to 0.0.7. Affected is the function uvcscanstreaming of the file src/device.c of the component UVC Descriptor Handler. The manipulation results in null pointer dereference. The attack needs to be approached locally. The exploit is now public and may be use...